Source, Bug Alert: Confirmed remote code execution (RCE) in Spring Core, an extremely popular Java framework Praetorian has confirmed that a remote code execution vulnerability exists in Spring, an extremely popular Java framework. The flaw has been assigned a bug alert severity of 'critical'.
https://bugalert.org/content/notices/2022-03-30-spring.html